CVE-2015-4303 - Deteriorating Sacks

Description

Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary commands in the context of the nobody user account via an unspecified web-page parameter aka Bug ID CSCuv12333.

Reference

http://tools.cisco.com/security/center/viewAlert.x?alertId=40433 http://www.securityfocus.com/bid/76322 http://www.securitytracker.com/id/1033268